bitcoin-dev

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Original Postby Peter Todd

Posted on: October 20, 2023 11:03 UTC

The email discusses the concept of increasing the multiplier when fee bumping.

The sender clarifies that increasing the multiplier refers to starting with a smaller multiplier at the beginning of the range and ending with a bigger one. This approach allows for using most of the range for smaller bumps as a percentage, while reserving larger percentage bumps for the end when the strategy shifts to something more "scorched-earth".

Furthermore, the sender mentions applying this idea to commitment transactions, which would involve removing HTLCs when their value drops below the fees necessary for mining those outputs. It is also noted that simultaneous variants of transactions can be signed, deducting the fees from different parties' outputs. For example, Alice can give Bob the ability to broadcast higher fee transactions, taking the fees from Bob's outputs, and vice versa.

The sender acknowledges not having thought through how this would work with musig, but mentions that it can be done with plain old OP_CheckMultisig.

To access more details and information, the sender provides a link to Peter Todd's website: https://petertodd.org.